Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 24 Oct 2012 16:51:31 -0400
From: Rich Felker <dalias@...ifal.cx>
To: musl@...ts.openwall.com
Subject: Re: Re: Possible file stream bug

On Wed, Oct 24, 2012 at 10:16:01PM +0200, Paul Schutte wrote:
> Hi
> 
> While investigating this, I stumbled upon another bug:
> 
> #include <unistd.h>
> #include <stdio.h>
> 
> int main() {
>         FILE *fstream;
>         int len;
> 
>         fclose(stdout);
> 
>         len=printf("test this\n");
> 
>         fprintf(stderr,"%d\n",len);
> 
>         return 0;
> }
> 
> Musl's printf gives the amount of bytes no matter whether it succeeds or
> fails.
> It should return a negative value in case of failure.

You invoked undefined behavior by accessing a FILE object after
calling fclose on it. Thus anything can happen. Even if you just
closed the underlying file descriptor #1 without closing the FILE,
printf would be under no obligation to return -1 since the write error
need not be detected until the buffer gets flushed.

Rich

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.